In the technological arena, three years is a lifetime. Since thefirst edition of this book was published in 2004, built-in securitymeasures on compilers and operating systems have becomecommonplace, but are still far from perfect. Arbitrary-codeexecution vulnerabilities still allow attackers to run code oftheir choice on your system—with disastrous results.

In a nutshell, this book is about code and data and what happenswhen the two become confused. You'll work with the basic buildingblocks of security bugs—assembler, source code, the stack,the heap, and so on. You'll experiment, explore, and understand thesystems you're running—and how to better protect them.